@dustinb3403 said in Scanning Domain for Shared Printers:
Has anyone had to do something like this? With the recent PrintNightmare vulnerability, we're obviously patching our systems, but we're also implementing some changes via GPO to force trusted print servers to be used, only.
What I am trying to sort out is a way to scan every system in a domain and see if it has a printer that is shared, specifically systems without the Printer sharing role installed (workstations, random servers etc).
This is a very rough hit for what I have, so I'm not sure if it actually would work. When I run it I'm getting a quota violation.
Import-Module ActiveDirectory
$comp = Get-ADComputer -Filter 'ObjectClass -eq "Computer"' | select -ExpandProperty DNSHostName
Get-Printer -ComputerName -Filter $comp | where Shared -eq $True
While this may not cover everything you are looking for, Advanced IP Scanner will show all shared folders and printers on all systems on the network.
https://www.advanced-ip-scanner.com